Cybersecurity Practitioners Must Get More Boring?

DanielMiessler.com website Unsupervised Learning has a post SEC vs Solar Winds Cybersecurity’s Enron moment.     The problem is that Cybersecurity is still ‘magic’ to many people and it should not be. It has to be made into a boring endeavor which will make the defense of a company more likely. Making a company secure … Read more

How Fast to Disclose a Breach?

What are the rules (or regulations) that state how fast to disclose and where? SC Magazine has an article on the new rule by the SEC that says a public company should make a disclosure. SEC’s 4-day breach disclosure rule hits opposition in Congress One of the problems was that there was an attacker that … Read more

Phishing by Text Using Post Office Logo & Wording

fake post office text smish attack

I am receiving (just got another one) the following image text is the full size version: As you can see I got this text on Wednesday November 8th at 9:10 am the text says  “The USPS package has arrived at the warehouse and cannot be delivered due to incomplete address information.” Please confirm your address … Read more

Browser Update Scam Improved and Re-issued

KrebsonSecurity has a story from October 18th: “The Fake Browser Update Scam Gets a Makeover” Do you get a message saying you need to update your browser?  Do you know what the message “Should” look like? Is it this after you click on your browser and trying to get somewhere on the Internet? This image … Read more